![]() ![]() ![]() 6 Planning 6.1 Actions to address risks and opportunities 6.1.1 General There are even a number of tools and techniques that focus on managing risks to information. There are many tools and techniques available for managing organizational risks. This toolset needs to be consistent, repeatable, cost-effective and reduce risks to a reasonable level. Therefore, the organization must have a tool set to assist them in sharing a commonly understood view with IT and business managers concerning the potential impact of various IT security-related threats to the mission. Limited resources and an ever-changing landscape of threats and vulnerabilities make completely mitigating all risks impossible. Managing uncertainties is not an easy task. The organization must manage these uncertainties. All organizations are exposed to uncertainties, some of which impact the organization in a negative manner. The fundamental precept of information security is to support the mission of the organization. An understanding of risk and the application of risk assessment methodology is essential to being able to efficiently and effectively create a secure computing environment. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |